NOMISEC-pauloink/CVE-2022-1388

NOMISEC WORKING POC
Exploit for CVE-2022-1388 - F5 BIG-IP iControl RCE via REST Authentication Bypass
AI Analysis

This Python script exploits CVE-2022-1388, an authentication bypass vulnerability in F5 BIG-IP iControl REST, allowing unauthenticated remote command execution via a crafted POST request to the management interface.

Attack Type
RCE
Complexity
trivial
Reliability
reliable
MITRE ATT&CK
T1190 - Exploit Public-Facing Application T1210 - Exploitation of Remote Services
Loading exploit code...
Download ZIP Password: eip
Source
Platform Nomisec
Type remote
Files 1
Stars 0
Forks 2
Last Push May 11, 2022
Authors
pauloink
Vulnerability
CVE-2022-1388
F5 BIG-IP iControl RCE via REST Authentication Bypass
CRITICAL KEV
CVSS 9.8